ClearTermClearTerm

Privacy Policy

This Privacy Policy explains how ClearTerm processes personal data when you use our website, analyze contracts, or create an account.

Language

1. Data Controller

Name
Address
Email

2. Data we process

Depending on how you use ClearTerm, we may process the following categories of data:

  • Account data (email, user ID) when you sign up or sign in (Firebase Auth).
  • Contract files (PDF) and extracted text for analysis (server-side processing).
  • Analysis/result metadata (e.g., score, summary) if stored.
  • Usage and security data (e.g., IP/header-derived identifiers) for abuse prevention (rate limiting).
  • Billing/subscription metadata (e.g., Stripe customer/subscription IDs) if you upgrade to Pro.

3. Purposes of processing

  • Provide and operate the service (scan, diff, UI).
  • Security, abuse prevention, and rate limiting.
  • Account and subscription management.
  • Debugging and service improvement.

4. Legal bases (GDPR Art. 6(1))

  • Art. 6(1)(b) – performance of a contract (providing the service).
  • Art. 6(1)(f) – legitimate interests (security, abuse prevention, reliability).
  • Art. 6(1)(a) – consent (only if optional cookies/analytics are enabled).
  • Art. 6(1)(c) – legal obligation (e.g., tax/accounting duties for payments).

5. Processors / recipients

We use the following providers (as applicable):

  • Vercel – hosting/deployment and server functions.
  • Firebase (Google) – authentication and database (Firestore) for user/subscription metadata.
  • Stripe – payments and subscription management (we do not store full card details).
  • Upstash – rate limiting / abuse protection (Redis REST).
  • Google Gemini – AI analysis of contract content you provide.

6. International data transfers

Depending on the provider, data may be processed outside the EU/EEA (e.g., in the United States). Where applicable, we rely on appropriate safeguards (e.g., Standard Contractual Clauses where available) and/or relevant certifications/frameworks of providers.

7. Retention

  • Account data: until you delete your account.
  • Billing/subscription metadata: as long as needed (and potentially longer if legally required).
  • Analysis metadata (e.g., score/summary): if stored, until account deletion or per internal retention.
  • Raw files (PDF) and raw extracted text: not stored long-term (best effort).

8. Your rights

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

To exercise your rights, contact us using the details in Section 1.

9. Cookies

ClearTerm uses only necessary cookies where required. Optional analytics/marketing cookies are used only with consent (if enabled).

10. Changes

We may update this Privacy Policy as our service or legal requirements change.

Note: This template is not legal advice. Please review with qualified counsel.